Bug 356648 - use-after-free crash on closing cervisia having opened the configure menu
Summary: use-after-free crash on closing cervisia having opened the configure menu
Status: RESOLVED WORKSFORME
Alias: None
Product: cervisia
Classification: Applications
Component: general
Version: unspecified
Platform: Compiled Sources Linux
Importance: NOR crash
Target Milestone: ---
Assignee: Christian Loose
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2015-12-14 04:55 UTC by Santhiar
Modified: 2018-12-01 03:50 UTC (History)
0 users

See Also:
Latest Commit:
Version Fixed In:


Attachments
screenshot showing that the configure dialog is not application modal (153.01 KB, image/png)
2015-12-14 05:01 UTC, Santhiar
Description Santhiar 2015-12-14 04:55:54 UTC
Opening the configure menu and closing cervisia results in a crash.
While the configure menu is open, close cervisia as "qdbus `qdbus | grep cervisia` /cervisia/MainWindow_1/actions/file_quit trigger"


Reproducible: Always

Steps to Reproduce:
1. Open cervisia, and open the configure menu
2. While the configure menu is open,
3. Close cervisia as "qdbus `qdbus | grep cervisia` /cervisia/MainWindow_1/actions/file_quit trigger"

Actual Results:  
Cervisia crashes

Expected Results:  
Cervisia closes smoothly

This was flagged as a use-after-free bug using a version of Cervisia built with AddressSanitizer.
Please find the KCrash and Address Sanitizer stacks below

================
Cervisia Version
================
Qt: 4.8.7
KDE Development Platform: 4.14.13
Cervisia: 3.10.0

============
KCrash stack
============
Application: Cervisia (cervisia), signal: Segmentation fault
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
[Current thread is 1 (Thread 0x7f3e2ee8b780 (LWP 10947))]

Thread 2 (Thread 0x7f3e1e0a8700 (LWP 10952)):
#0  0x00007f3e27fe4d4e in strchrnul () from /lib/x86_64-linux-gnu/libc.so.6
#1  0x00007f3e27f9d124 in vfprintf () from /lib/x86_64-linux-gnu/libc.so.6
#2  0x00007f3e27fa61f7 in fprintf () from /lib/x86_64-linux-gnu/libc.so.6
#3  0x00007f3e28041d80 in __vsyslog_chk () from /lib/x86_64-linux-gnu/libc.so.6
#4  0x00007f3e280423af in syslog () from /lib/x86_64-linux-gnu/libc.so.6
#5  0x00007f3e29221449 in QMutex::unlock (this=0x1917bd0) at thread/qmutex.cpp:311
#6  0x00007f3e291ff625 in QMutex::unlockInline (this=0x1917bd0) at ../../include/QtCore/../../src/corelib/thread/qmutex.h:199
#7  0x00007f3e291ff5ea in QMutexLocker::unlock (this=0x7f3e1e0a7a20) at ../../include/QtCore/../../src/corelib/thread/qmutex.h:121
#8  0x00007f3e291fc885 in QMutexLocker::~QMutexLocker (this=0x7f3e1e0a7a20) at ../../include/QtCore/../../src/corelib/thread/qmutex.h:115
#9  0x00007f3e29401e6e in QThreadData::canWaitLocked (this=0x1917b80) at ../../include/QtCore/private/../../../src/corelib/thread/qthread_p.h:238
#10 0x00007f3e2940530b in QEventDispatcherUNIX::processEvents (this=0x7f3e180008f0, flags=...) at kernel/qeventdispatcher_unix.cpp:911
#11 0x00007f3e293adf6c in QEventLoop::processEvents (this=0x7f3e1e0a7c78, flags=...) at kernel/qeventloop.cpp:149
#12 0x00007f3e293ae332 in QEventLoop::exec (this=0x7f3e1e0a7c78, flags=...) at kernel/qeventloop.cpp:225
#13 0x00007f3e292260a0 in QThread::exec (this=0x192a0e0) at thread/qthread.cpp:659
#14 0x00007f3e2937d994 in QInotifyFileSystemWatcherEngine::run (this=0x192a0e0) at io/qfilesystemwatcher_inotify.cpp:265
#15 0x00007f3e2922ab2a in QThreadPrivate::start (arg=0x192a0e0) at thread/qthread_unix.cpp:361
#16 0x00007f3e2e68ae9a in start_thread () from /lib/x86_64-linux-gnu/libpthread.so.0
#17 0x00007f3e2804638d in clone () from /lib/x86_64-linux-gnu/libc.so.6
#18 0x0000000000000000 in ?? ()

Thread 1 (Thread 0x7f3e2ee8b780 (LWP 10947)):
[KCrash Handler]
#6  0x00007f3e2b131203 in QGraphicsLayoutItem::setSizePolicy (this=0x15d3058, policy=...) at graphicsview/qgraphicslayoutitem.cpp:527
#7  0x00007f3e2a833851 in QWidget::setSizePolicy (this=0x159ecb0, policy=...) at kernel/qwidget.cpp:9911
#8  0x00007f3e2aebe70b in QSplitter::setOrientation (this=0x159ecb0, orientation=Qt::Vertical) at widgets/qsplitter.cpp:1088
#9  0x00007f3e1e9efa84 in CervisiaPart::slotConfigure (this=0x1505a60) at KDE/kde/kdesdk/cervisia/cervisiapart.cpp:1727
#10 0x00007f3e1e9e868b in CervisiaPart::qt_static_metacall (_o=0x1505a60, _c=<optimized out>, _id=<optimized out>, _a=<optimized out>) at KDE/build/kde/kdesdk/cervisia/cervisiapart.moc:191
#11 0x00007f3e293da607 in QMetaObject::activate (sender=0x15df530, m=0x7f3e2b7b5540 <QAction::staticMetaObject>, local_signal_index=1, argv=0x7fff66538120) at kernel/qobject.cpp:3569
#12 0x00007f3e2a79741d in QAction::triggered (this=0x15df530, _t1=false) at .moc/debug-shared/moc_qaction.cpp:277
#13 0x00007f3e2a797232 in QAction::activate (this=0x15df530, event=QAction::Trigger) at kernel/qaction.cpp:1257
#14 0x00007f3e2ae8e717 in QMenuPrivate::activateCausedStack (this=0x1695c20, causedStack=..., action=0x15df530, action_e=QAction::Trigger, self=true) at widgets/qmenu.cpp:1037
#15 0x00007f3e2ae8c5d6 in QMenuPrivate::activateAction (this=0x1695c20, action=0x15df530, action_e=QAction::Trigger, self=true) at widgets/qmenu.cpp:1129
#16 0x00007f3e2ae93a02 in QMenu::mouseReleaseEvent (this=0x1695be0, e=0x7fff66539e88) at widgets/qmenu.cpp:2371
#17 0x00007f3e2bcf3a8e in KMenu::mouseReleaseEvent (this=0x1695be0, e=0x7fff66539e88) at KDE/kde/kdelibs/kdeui/widgets/kmenu.cpp:464
#18 0x00007f3e2a83097e in QWidget::event (this=0x1695be0, event=0x7fff66539e88) at kernel/qwidget.cpp:8389
#19 0x00007f3e2ae9434a in QMenu::event (this=0x1695be0, e=0x7fff66539e88) at widgets/qmenu.cpp:2480
#20 0x00007f3e2a7a748f in QApplicationPrivate::notify_helper (this=0x141c710, receiver=0x1695be0, e=0x7fff66539e88) at kernel/qapplication.cpp:4565
#21 0x00007f3e2a7aa893 in QApplication::notify (this=0x7fff6653b4d0, receiver=0x1695be0, e=0x7fff66539e88) at kernel/qapplication.cpp:4108
#22 0x00007f3e2bb4af7b in KApplication::notify (this=0x7fff6653b4d0, receiver=0x1695be0, event=0x7fff66539e88) at KDE/kde/kdelibs/kdeui/kernel/kapplication.cpp:311
#23 0x00007f3e293b2dc6 in QCoreApplication::notifyInternal (this=0x7fff6653b4d0, receiver=0x1695be0, event=0x7fff66539e88) at kernel/qcoreapplication.cpp:955
#24 0x00007f3e2a7b202f in QCoreApplication::sendSpontaneousEvent (receiver=0x1695be0, event=0x7fff66539e88) at qt/src/gui/../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:234
#25 0x00007f3e2a7a8531 in QApplicationPrivate::sendMouseEvent (receiver=0x1695be0, event=0x7fff66539e88, alienWidget=0x0, nativeWidget=0x1695be0, buttonDown=0x7f3e2b7fb050 <qt_button_down>, lastMouseReceiver=..., spontaneous=true) at kernel/qapplication.cpp:3171
#26 0x00007f3e2a879229 in QETWidget::translateMouseEvent (this=0x1695be0, event=0x7fff6653b108) at kernel/qapplication_x11.cpp:4459
#27 0x00007f3e2a874ff6 in QApplication::x11ProcessEvent (this=0x7fff6653b4d0, event=0x7fff6653b108) at kernel/qapplication_x11.cpp:3520
#28 0x00007f3e2a8bf456 in QEventDispatcherX11::processEvents (this=0x13f9c90, flags=...) at kernel/qeventdispatcher_x11.cpp:151
#29 0x00007f3e293adf6c in QEventLoop::processEvents (this=0x7fff6653b400, flags=...) at kernel/qeventloop.cpp:149
#30 0x00007f3e293ae332 in QEventLoop::exec (this=0x7fff6653b400, flags=...) at kernel/qeventloop.cpp:225
#31 0x00007f3e293b35ee in QCoreApplication::exec () at kernel/qcoreapplication.cpp:1229
#32 0x00007f3e2a7a9526 in QApplication::exec () at kernel/qapplication.cpp:3823
#33 0x00007f3e2e3d9662 in kdemain (argc=<optimized out>, argv=<optimized out>) at KDE/kde/kdesdk/cervisia/main.cpp:205
#34 0x0000000000400a21 in main (argc=22884440, argv=0x7fff66537d48) at KDE/build/kde/kdesdk/cervisia/cervisia_dummy.cpp:3

=====================
Address Sanitizer Stack
=====================
=================================================================
==13014==ERROR: AddressSanitizer: heap-use-after-free on address 0x61100013e4f8 at pc 0x7f52d34fb8f2 bp 0x7fffcb812530 sp 0x7fffcb812528
READ of size 8 at 0x61100013e4f8 thread T0
    #0 0x7f52d34fb8f1 in CervisiaPart::slotConfigure() KDE/kde/kdesdk/cervisia/cervisiapart.cpp:1727
    #1 0x7f52d34e2e9f in CervisiaPart::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) KDE/build-asan/kde/kdesdk/cervisia/cervisiapart.moc:191
    #2 0x7f52e323e606 in QMetaObject::activate(QObject*, QMetaObject const*, int, void**) (qt4/lib/libQtCore.so.4+0x255606)
    #3 0x7f52e1f8241c in QAction::triggered(bool) (qt4/lib/libQtGui.so.4+0x22541c)
    #4 0x7f52e1f82231 in QAction::activate(QAction::ActionEvent) (qt4/lib/libQtGui.so.4+0x225231)
    #5 0x7f52e2679716 in QMenuPrivate::activateCausedStack(QList<QPointer<QWidget> > const&, QAction*, QAction::ActionEvent, bool) (qt4/lib/libQtGui.so.4+0x91c716)
    #6 0x7f52e26775d5 in QMenuPrivate::activateAction(QAction*, QAction::ActionEvent, bool) (qt4/lib/libQtGui.so.4+0x91a5d5)
    #7 0x7f52e267ea01 in QMenu::mouseReleaseEvent(QMouseEvent*) (qt4/lib/libQtGui.so.4+0x921a01)
    #8 0x7f52e50dbf3e in KMenu::mouseReleaseEvent(QMouseEvent*) KDE/kde/kdelibs/kdeui/widgets/kmenu.cpp:464
    #9 0x7f52e201b97d in QWidget::event(QEvent*) (qt4/lib/libQtGui.so.4+0x2be97d)
    #10 0x7f52e267f349 in QMenu::event(QEvent*) (qt4/lib/libQtGui.so.4+0x922349)
    #11 0x7f52e1f9248e in QApplicationPrivate::notify_helper(QObject*, QEvent*) (qt4/lib/libQtGui.so.4+0x23548e)
    #12 0x7f52e1f95892 in QApplication::notify(QObject*, QEvent*) (qt4/lib/libQtGui.so.4+0x238892)
    #13 0x7f52e4db2340 in KApplication::notify(QObject*, QEvent*) KDE/kde/kdelibs/kdeui/kernel/kapplication.cpp:311
    #14 0x7f52e3216dc5 in QCoreApplication::notifyInternal(QObject*, QEvent*) (qt4/lib/libQtCore.so.4+0x22ddc5)
    #15 0x7f52e1f9d02e in QCoreApplication::sendSpontaneousEvent(QObject*, QEvent*) (qt4/lib/libQtGui.so.4+0x24002e)
    #16 0x7f52e1f93530 in QApplicationPrivate::sendMouseEvent(QWidget*, QMouseEvent*, QWidget*, QWidget*, QWidget**, QPointer<QWidget>&, bool) (qt4/lib/libQtGui.so.4+0x236530)
    #17 0x7f52e2064228 in QETWidget::translateMouseEvent(_XEvent const*) (qt4/lib/libQtGui.so.4+0x307228)
    #18 0x7f52e205fff5 in QApplication::x11ProcessEvent(_XEvent*) (qt4/lib/libQtGui.so.4+0x302ff5)
    #19 0x7f52e20aa455 in QEventDispatcherX11::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) (qt4/lib/libQtGui.so.4+0x34d455)
    #20 0x7f52e3211f6b in QEventLoop::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) (qt4/lib/libQtCore.so.4+0x228f6b)
    #21 0x7f52e3212331 in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) (qt4/lib/libQtCore.so.4+0x229331)
    #22 0x7f52e32175ed in QCoreApplication::exec() (qt4/lib/libQtCore.so.4+0x22e5ed)
    #23 0x7f52e1f94525 in QApplication::exec() (qt4/lib/libQtGui.so.4+0x237525)
    #24 0x7f52e6e7ad4f in kdemain KDE/kde/kdesdk/cervisia/main.cpp:205
    #25 0x445ce8 in main (KDE/install-asan/bin/cervisia+0x445ce8)
    #26 0x7f52e0b8176c (/lib/x86_64-linux-gnu/libc.so.6+0x2176c)
    #27 0x445bec in _start (KDE/install-asan/bin/cervisia+0x445bec)
0x61100013e4f8 is located 56 bytes inside of 216-byte region [0x61100013e4c0,0x61100013e598)
freed by thread T0 here:
    #0 0x43120a in operator delete(void*) (KDE/install-asan/bin/cervisia+0x43120a)
    #1 0x7f52d351b419 in CervisiaPart::~CervisiaPart() KDE/kde/kdesdk/cervisia/cervisiapart.cpp:180
    #2 0x7f52e6e8328f in CervisiaShell::~CervisiaShell() KDE/kde/kdesdk/cervisia/cervisiashell.cpp:81
    #3 0x7f52e6e82ca5 in ~CervisiaShell KDE/kde/kdesdk/cervisia/cervisiashell.cpp:80
    #4 0x7f52e6e82ca5 in CervisiaShell::~CervisiaShell() KDE/kde/kdesdk/cervisia/cervisiashell.cpp:80
    #5 0x7f52e3237e3d in qDeleteInEventHandler(QObject*) (qt4/lib/libQtCore.so.4+0x24ee3d)
    #6 0x7f52e32379a7 in QObject::event(QEvent*) (qt4/lib/libQtCore.so.4+0x24e9a7)
    #7 0x7f52e201d345 in QWidget::event(QEvent*) (qt4/lib/libQtGui.so.4+0x2c0345)
    #8 0x7f52e263ef72 in QMainWindow::event(QEvent*) (qt4/lib/libQtGui.so.4+0x8e1f72)
    #9 0x7f52e50d2133 in KMainWindow::event(QEvent*) KDE/kde/kdelibs/kdeui/widgets/kmainwindow.cpp:1126
    #10 0x7f52e51d80b2 in KXmlGuiWindow::event(QEvent*) KDE/kde/kdelibs/kdeui/xmlgui/kxmlguiwindow.cpp:126
    #11 0x7f52e1f9248e in QApplicationPrivate::notify_helper(QObject*, QEvent*) (qt4/lib/libQtGui.so.4+0x23548e)
    #12 0x7f52e1f9832b in QApplication::notify(QObject*, QEvent*) (qt4/lib/libQtGui.so.4+0x23b32b)
    #13 0x7f52e4db2340 in KApplication::notify(QObject*, QEvent*) KDE/kde/kdelibs/kdeui/kernel/kapplication.cpp:311
    #14 0x7f52e3216dc5 in QCoreApplication::notifyInternal(QObject*, QEvent*) (qt4/lib/libQtCore.so.4+0x22ddc5)
    #15 0x7f52e321b549 in QCoreApplication::sendEvent(QObject*, QEvent*) (qt4/lib/libQtCore.so.4+0x232549)
    #16 0x7f52e32183f3 in QCoreApplicationPrivate::sendPostedEvents(QObject*, int, QThreadData*) (qt4/lib/libQtCore.so.4+0x22f3f3)
    #17 0x7f52e32692f6 in QEventDispatcherUNIX::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) (qt4/lib/libQtCore.so.4+0x2802f6)
    #18 0x7f52e20aa669 in QEventDispatcherX11::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) (qt4/lib/libQtGui.so.4+0x34d669)
    #19 0x7f52e3211f6b in QEventLoop::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) (qt4/lib/libQtCore.so.4+0x228f6b)
    #20 0x7f52e3212331 in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) (qt4/lib/libQtCore.so.4+0x229331)
    #21 0x7f52e2746c8a in QDialog::exec() (qt4/lib/libQtGui.so.4+0x9e9c8a)
    #22 0x7f52d34fb675 in CervisiaPart::slotConfigure() KDE/kde/kdesdk/cervisia/cervisiapart.cpp:1724
    #23 0x7f52d34e2e9f in CervisiaPart::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) KDE/build-asan/kde/kdesdk/cervisia/cervisiapart.moc:191
    #24 0x7f52e323e606 in QMetaObject::activate(QObject*, QMetaObject const*, int, void**) (qt4/lib/libQtCore.so.4+0x255606)
    #25 0x7f52e1f8241c in QAction::triggered(bool) (qt4/lib/libQtGui.so.4+0x22541c)
    #26 0x7f52e1f82231 in QAction::activate(QAction::ActionEvent) (qt4/lib/libQtGui.so.4+0x225231)
    #27 0x7f52e2679716 in QMenuPrivate::activateCausedStack(QList<QPointer<QWidget> > const&, QAction*, QAction::ActionEvent, bool) (qt4/lib/libQtGui.so.4+0x91c716)
    #28 0x7f52e26775d5 in QMenuPrivate::activateAction(QAction*, QAction::ActionEvent, bool) (qt4/lib/libQtGui.so.4+0x91a5d5)
    #29 0x7f52e267ea01 in QMenu::mouseReleaseEvent(QMouseEvent*) (qt4/lib/libQtGui.so.4+0x921a01)
    #30 0x7f52e50dbf3e in KMenu::mouseReleaseEvent(QMouseEvent*) KDE/kde/kdelibs/kdeui/widgets/kmenu.cpp:464
    #31 0x7f52e201b97d in QWidget::event(QEvent*) (qt4/lib/libQtGui.so.4+0x2be97d)
    #32 0x7f52e267f349 in QMenu::event(QEvent*) (qt4/lib/libQtGui.so.4+0x922349)
    #33 0x7f52e1f9248e in QApplicationPrivate::notify_helper(QObject*, QEvent*) (qt4/lib/libQtGui.so.4+0x23548e)
    #34 0x7f52e1f95892 in QApplication::notify(QObject*, QEvent*) (qt4/lib/libQtGui.so.4+0x238892)
    #35 0x7f52e4db2340 in KApplication::notify(QObject*, QEvent*) KDE/kde/kdelibs/kdeui/kernel/kapplication.cpp:311
    #36 0x7f52e3216dc5 in QCoreApplication::notifyInternal(QObject*, QEvent*) (qt4/lib/libQtCore.so.4+0x22ddc5)
    #37 0x7f52e1f9d02e in QCoreApplication::sendSpontaneousEvent(QObject*, QEvent*) (qt4/lib/libQtGui.so.4+0x24002e)
    #38 0x7f52e1f93530 in QApplicationPrivate::sendMouseEvent(QWidget*, QMouseEvent*, QWidget*, QWidget*, QWidget**, QPointer<QWidget>&, bool) (qt4/lib/libQtGui.so.4+0x236530)
    #39 0x7f52e2064228 in QETWidget::translateMouseEvent(_XEvent const*) (qt4/lib/libQtGui.so.4+0x307228)
    #40 0x7f52e205fff5 in QApplication::x11ProcessEvent(_XEvent*) (qt4/lib/libQtGui.so.4+0x302ff5)
    #41 0x7f52e20aa455 in QEventDispatcherX11::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) (qt4/lib/libQtGui.so.4+0x34d455)
    #42 0x7f52e3211f6b in QEventLoop::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) (qt4/lib/libQtCore.so.4+0x228f6b)
    #43 0x7f52e3212331 in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) (qt4/lib/libQtCore.so.4+0x229331)
    #44 0x7f52e32175ed in QCoreApplication::exec() (qt4/lib/libQtCore.so.4+0x22e5ed)
    #45 0x7f52e1f94525 in QApplication::exec() (qt4/lib/libQtGui.so.4+0x237525)
    #46 0x7f52e6e7ad4f in kdemain KDE/kde/kdesdk/cervisia/main.cpp:205
    #47 0x445ce8 in main (KDE/install-asan/bin/cervisia+0x445ce8)
    #48 0x7f52e0b8176c (/lib/x86_64-linux-gnu/libc.so.6+0x2176c)
    #49 0x445bec in _start (KDE/install-asan/bin/cervisia+0x445bec)
previously allocated by thread T0 here:
    #0 0x430f8a in operator new(unsigned long) (KDE/install-asan/bin/cervisia+0x430f8a)
    #1 0x7f52d352a8c9 in QObject* KPluginFactory::createPartInstance<CervisiaPart>(QWidget*, QObject*, QList<QVariant> const&) KDE/install-asan/include/kpluginfactory.h:483
    #2 0x7f52e406f0cc in KPluginFactory::create(char const*, QWidget*, QObject*, QList<QVariant> const&, QString const&) KDE/kde/kdelibs/kdecore/util/kpluginfactory.cpp:203
    #3 0x7f52e6e8581e in KParts::ReadOnlyPart* KPluginFactory::create<KParts::ReadOnlyPart>(QObject*, QList<QVariant> const&) KDE/install-asan/include/kpluginfactory.h:507
    #4 0x7f52e6e7f019 in CervisiaShell::CervisiaShell(char const*) KDE/kde/kdesdk/cervisia/cervisiashell.cpp:48
    #5 0x7f52e6e7abfa in kdemain KDE/kde/kdesdk/cervisia/main.cpp:190
    #6 0x445ce8 in main (KDE/install-asan/bin/cervisia+0x445ce8)
    #7 0x7f52e0b8176c (/lib/x86_64-linux-gnu/libc.so.6+0x2176c)
    #8 0x445bec in _start (KDE/install-asan/bin/cervisia+0x445bec)
SUMMARY: AddressSanitizer: heap-use-after-free KDE/kde/kdesdk/cervisia/cervisiapart.cpp:1727 CervisiaPart::slotConfigure()
==13014==ABORTING
Comment 1 Santhiar 2015-12-14 05:01:21 UTC
Created attachment 96053 [details]
screenshot showing that the configure dialog is not application modal
Comment 2 Santhiar 2015-12-14 05:04:43 UTC
In the version of cervisia that ships with Ubuntu 12.04, the crash can be triggered without using qdbus, by directly closing the application from the File menu when the configure menu is open.
The configure menu is not application modal: see the screenshot attached to the comment above.

Here is the associated crash information:
=============
Version Details
=============
Qt: 4.8.6
KDE Development Platform: 4.13.3
Cervisia: 3.10.0

=================
KCrash Stack Trace
=================
Application: Cervisia (cervisia), signal: Segmentation fault
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
[Current thread is 1 (Thread 0x7fc9d84337c0 (LWP 7709))]

Thread 3 (Thread 0x7fc9c1e11700 (LWP 7710)):
#0  __pthread_mutex_unlock_usercnt (decr=1, mutex=0xdbef80) at pthread_mutex_unlock.c:51
#1  __GI___pthread_mutex_unlock (mutex=0xdbef80) at pthread_mutex_unlock.c:310
#2  0x00007fc9d0c039b1 in g_mutex_unlock () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#3  0x00007fc9d0bc18f9 in g_main_context_query () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#4  0x00007fc9d0bc1f52 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#5  0x00007fc9d0bc230a in g_main_loop_run () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#6  0x00007fc9c9bb2336 in ?? () from /usr/lib/x86_64-linux-gnu/libgio-2.0.so.0
#7  0x00007fc9d0be6f05 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#8  0x00007fc9d341f182 in start_thread (arg=0x7fc9c1e11700) at pthread_create.c:312
#9  0x00007fc9d7d3847d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:111

Thread 2 (Thread 0x7fc9c1610700 (LWP 7711)):
#0  0x00007fc9d7d2b12d in poll () at ../sysdeps/unix/syscall-template.S:81
#1  0x00007fc9d0bc1fe4 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#2  0x00007fc9d0bc20ec in g_main_context_iteration () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#3  0x00007fc9d0bc2129 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#4  0x00007fc9d0be6f05 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#5  0x00007fc9d341f182 in start_thread (arg=0x7fc9c1610700) at pthread_create.c:312
#6  0x00007fc9d7d3847d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:111

Thread 1 (Thread 0x7fc9d84337c0 (LWP 7709)):
[KCrash Handler]
#6  QSplitter::setOrientation (this=0xee40c0, orientation=Qt::Vertical) at widgets/qsplitter.cpp:1082
#7  0x00007fc9ab2e0c88 in CervisiaPart::slotConfigure (this=0xeddfe0) at ../cervisiapart.cpp:1724
#8  0x00007fc9ab2ea485 in CervisiaPart::qt_static_metacall (_o=0xeddfe0, _id=2, _a=0x7fc9d7ffc778 <main_arena+24>, _c=<optimized out>) at ./cervisiapart.moc:191
#9  0x00007fc9d5f1687a in QMetaObject::activate (sender=sender@entry=0xf96a90, m=m@entry=0x7fc9d5acade0 <QAction::staticMetaObject>, local_signal_index=local_signal_index@entry=1, argv=argv@entry=0x7ffd96176130) at kernel/qobject.cpp:3539
#10 0x00007fc9d501aa62 in QAction::triggered (this=this@entry=0xf96a90, _t1=false) at .moc/release-shared/moc_qaction.cpp:276
#11 0x00007fc9d501c433 in QAction::activate (this=0xf96a90, event=<optimized out>) at kernel/qaction.cpp:1257
#12 0x00007fc9d5f1ac1e in QObject::event (this=0xf96a90, e=e@entry=0x10f7390) at kernel/qobject.cpp:1194
#13 0x00007fc9d501c4f2 in QAction::event (this=<optimized out>, e=e@entry=0x10f7390) at kernel/qaction.cpp:1187
#14 0x00007fc9d6876e9f in KAction::event (this=<optimized out>, event=0x10f7390) at ../../kdeui/actions/kaction.cpp:131
#15 0x00007fc9d5020e2c in QApplicationPrivate::notify_helper (this=this@entry=0xc46410, receiver=receiver@entry=0xf96a90, e=e@entry=0x10f7390) at kernel/qapplication.cpp:4567
#16 0x00007fc9d50274a0 in QApplication::notify (this=this@entry=0x7ffd961769f0, receiver=receiver@entry=0xf96a90, e=e@entry=0x10f7390) at kernel/qapplication.cpp:4353
#17 0x00007fc9d694cd1a in KApplication::notify (this=0x7ffd961769f0, receiver=0xf96a90, event=0x10f7390) at ../../kdeui/kernel/kapplication.cpp:311
#18 0x00007fc9d5f024dd in QCoreApplication::notifyInternal (this=0x7ffd961769f0, receiver=receiver@entry=0xf96a90, event=event@entry=0x10f7390) at kernel/qcoreapplication.cpp:953
#19 0x00007fc9d5f05b3d in sendEvent (event=0x10f7390, receiver=0xf96a90) at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:231
#20 QCoreApplicationPrivate::sendPostedEvents (receiver=receiver@entry=0x0, event_type=event_type@entry=0, data=0xc0e670) at kernel/qcoreapplication.cpp:1577
#21 0x00007fc9d5f05fe3 in QCoreApplication::sendPostedEvents (receiver=receiver@entry=0x0, event_type=event_type@entry=0) at kernel/qcoreapplication.cpp:1470
#22 0x00007fc9d5f2ff83 in sendPostedEvents () at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:236
#23 postEventSourceDispatch (s=0xc42590) at kernel/qeventdispatcher_glib.cpp:287
#24 0x00007fc9d0bc1e04 in g_main_context_dispatch () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#25 0x00007fc9d0bc2048 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#26 0x00007fc9d0bc20ec in g_main_context_iteration () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#27 0x00007fc9d5f2f7a1 in QEventDispatcherGlib::processEvents (this=0xc0fb50, flags=...) at kernel/qeventdispatcher_glib.cpp:434
#28 0x00007fc9d50c2be6 in QGuiEventDispatcherGlib::processEvents (this=<optimized out>, flags=...) at kernel/qguieventdispatcher_glib.cpp:204
#29 0x00007fc9d5f010af in QEventLoop::processEvents (this=this@entry=0x7ffd96176880, flags=...) at kernel/qeventloop.cpp:149
#30 0x00007fc9d5f013a5 in QEventLoop::exec (this=this@entry=0x7ffd96176880, flags=...) at kernel/qeventloop.cpp:204
#31 0x00007fc9d5f06b79 in QCoreApplication::exec () at kernel/qcoreapplication.cpp:1225
#32 0x00007fc9d501f37c in QApplication::exec () at kernel/qapplication.cpp:3828
#33 0x00007fc9d8050589 in kdemain (argc=<optimized out>, argv=<optimized out>) at ../main.cpp:205
#34 0x00007fc9d7c5fec5 in __libc_start_main (main=0x4006d0 <main(int, char**)>, argc=1, argv=0x7ffd96176b28, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7ffd96176b18) at libc-start.c:287
#35 0x00000000004006fe in _start ()
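
The AddressSanitizer report above shows the slot entering a nested event loop (`QDialog::exec()` at cervisiapart.cpp:1724), the part being deleted from inside that loop, and the slot then reading a member at line 1727. The following added example is not Cervisia's code: it is a plain C++ model of that pattern beside a guarded form. `EventLoop`, `Part` and `runScenario` are hypothetical names, and the `std::weak_ptr` guard stands in for the role `QPointer` plays in Qt code.

```cpp
#include <cstdio>
#include <deque>
#include <functional>
#include <memory>
#include <utility>

// Stand-in for the Qt event loop: posted events run later, possibly inside a
// nested loop. All type and function names in this block are hypothetical.
struct EventLoop {
    std::deque<std::function<void()>> posted;
    void post(std::function<void()> ev) { posted.push_back(std::move(ev)); }
    // Models QDialog::exec(): blocks the caller but keeps dispatching events.
    void execNested() {
        while (!posted.empty()) {
            std::function<void()> ev = std::move(posted.front());
            posted.pop_front();
            ev();
        }
    }
};

struct Part {
    EventLoop &loop;
    int orientation = 0;  // stands in for the splitter touched after exec()
    std::shared_ptr<int> lifeToken = std::make_shared<int>(0);  // dies with *this
    explicit Part(EventLoop &l) : loop(l) {}

    // Pattern from the report: members are used after the nested loop returns,
    // with no check that *this survived it.
    bool slotConfigureUnsafe() {
        loop.execNested();
        orientation = 1;  // heap-use-after-free if *this was deleted above
        return true;
    }

    // Guarded form: take a weak reference first, test it after the nested loop.
    bool slotConfigureGuarded() {
        std::weak_ptr<int> guard = lifeToken;
        EventLoop &l = loop;  // copy out of *this before it can disappear
        l.execNested();
        if (guard.expired())
            return false;     // object was destroyed: touch no members
        orientation = 1;
        return true;
    }
};

// Returns true if the post-dialog code ran. quitWhileOpen models file_quit
// being triggered while the configure dialog's nested loop is running.
bool runScenario(bool quitWhileOpen, bool guarded) {
    EventLoop loop;
    Part *part = new Part(loop);
    if (quitWhileOpen)
        loop.post([&part] { delete part; part = nullptr; });
    bool ran = guarded ? part->slotConfigureGuarded() : part->slotConfigureUnsafe();
    delete part;  // no-op when the quit event already deleted it
    return ran;
}

int main() {
    std::printf("guarded, no quit:   ran=%d\n", runScenario(false, true));
    std::printf("guarded, quit:      ran=%d\n", runScenario(true, true));
    std::printf("unguarded, no quit: ran=%d\n", runScenario(false, false));
    // runScenario(true, false) is the reported bug: build with
    // -fsanitize=address and call it to get a heap-use-after-free report.
    return 0;
}
```

The guard only covers deletion on the same thread as the slot, which is the case in both traces (freed and used by thread T0).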
Comment 3 Andrew Crouthamel 2018-11-01 13:47:23 UTC
Dear Bug Submitter,

This bug has been stagnant for a long time. Could you help us out and re-test if the bug is valid in the latest version? I am setting the status to NEEDSINFO pending your response, please change the Status back to REPORTED when you respond.

Thank you for helping us make KDE software even better for everyone!
Comment 4 Bug Janitor Service 2018-11-16 11:36:54 UTC
Dear Bug Submitter,

This bug has been in NEEDSINFO status with no change for at least
15 days. Please provide the requested information as soon as
possible and set the bug status as REPORTED. Due to regular bug
tracker maintenance, if the bug is still in NEEDSINFO status with
no change in 30 days the bug will be closed as RESOLVED > WORKSFORME
due to lack of needed information.

For more information about our bug triaging procedures please read the
wiki located here:
https://community.kde.org/Guidelines_and_HOWTOs/Bug_triaging

If you have already provided the requested information, please
mark the bug as REPORTED so that the KDE team knows that the bug is
ready to be confirmed.

Thank you for helping us make KDE software even better for everyone!
Comment 5 Bug Janitor Service 2018-12-01 03:50:59 UTC
This bug has been in NEEDSINFO status with no change for at least
30 days. The bug is now closed as RESOLVED > WORKSFORME
due to lack of needed information.

For more information about our bug triaging procedures please read the
wiki located here:
https://community.kde.org/Guidelines_and_HOWTOs/Bug_triaging

Thank you for helping us make KDE software even better for everyone!